<?php
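session_start();
// db_connect.php is not visible here; presumably it opens the mysql_* connection
// used by every query in this file. The login check cannot work without it, so
// a missing or unreadable file must abort the request (require) rather than
// continue with only a warning (include).
require('../include/db_connect.php');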

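/**
 * Checks the HTTP Basic credentials of the current request against the
 * USERNAME table and reports whether they belong to an active administrator.
 *
 * A row matches only when the user name (byte-exact, via BINARY), the MD5 of
 * the password, admin = 1 and status = 'act' all match.
 *
 * @return mixed The idUSERNAME of the matching row, or false when credentials
 *               are missing, do not match, or the lookup itself fails.
 */
function inDB(){
    // No credentials supplied: nothing to look up, and no reason to hit the DB.
    if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        return false;
    }

    // NOTE(review): the stored password is an unsalted MD5 digest, which is
    // cheap to brute-force. Migrating to password_hash()/password_verify()
    // needs a schema and data change outside this function, so the existing
    // comparison is kept here.
    $password = md5($_SERVER['PHP_AUTH_PW']);

    // The user name arrives straight from the Authorization header and is
    // attacker-controlled before authentication, so it must be escaped before
    // it is placed inside the quoted SQL literal.
    $userName = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);

    $queryL = "SELECT idUSERNAME, gebruikers_naam, wachtwoord FROM USERNAME
                  WHERE BINARY
                  gebruikers_naam='".$userName."'
                  AND
                  wachtwoord='".$password."'
                  AND
                  admin = 1
                  AND
                  status='act'";

    $resL = mysql_query($queryL);
    if ($resL === false) {
        // Runs before the caller is authenticated: keep the database error in
        // the server log instead of printing it, and deny access.
        error_log('Admin login lookup failed: ' . mysql_error());
        return false;
    }

    $usR = mysql_fetch_array($resL);
    if ($usR === false) {
        return false;
    }
    return $usR['idUSERNAME'];
}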

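// Authenticate once; inDB() yields the administrator's id or false.
$usR = inDB();
$isAdmin = isset($_SERVER['PHP_AUTH_USER']) && $usR !== false;

// header() only takes effect before the first byte of output. The 401
// challenge and the default-view redirect are therefore decided here, ahead of
// the inline <style> block, so they no longer depend on output buffering.
if (!$isAdmin) {
    header("WWW-Authenticate: Basic realm=\"Vul je gebruikersnaam en wachtwoord in\"");
    header("HTTP/1.0 401 Unauthorized");
} elseif (!isset($_GET['sub1']) && !isset($_GET['sub2'])) {
    if (!headers_sent()) {
        header("Location: productbeheer.php?sub1=&sub2=");
        exit; // the redirected request renders the page
    }
}

?>
<style type="text/css">
div#noPermission{
margin-left:auto;
margin-right:auto;
text-align:center;
}
#noPermission a{
text-decoration:none;
color: #000000;
}
#noPermission a:hover{
text-decoration:none;
color: #ff0000;
}
#noPermissionImage a{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #000000;
}
#noPermissionImage a:hover{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop2.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #ff0000;
}
</style>
<?php
if(!$isAdmin)
  {
    // Unauthenticated or non-admin caller: show only the refusal notice.
    echo '<div id="noPermission">';
	echo '<h1> U heeft geen authorisatie om hier te komen.</h1><br>';
	echo '<div id="noPermissionImage">';
	echo '<a href="../index.php"></a>';
	echo '</div>';
	echo '<h1> <a href="../index.php">Klik hierom terug te gaan naar de index site</a> </h1><br>';
	echo '</div>';

   }
   else{

?>
<script type="text/javascript">
var current = "1";
function pageSwitch(id){
	if(!document.getElementById) return false;
	var div = document.getElementById("page"+id);
	var curDiv = document.getElementById("page"+current);
	curDiv.style.display = "none";
	div.style.display = "block";
	current = id;
}
</script>
		<style type="text/css" media="screen"><!--
.hiddenDiv {
	display: none;
	}
.visibleDiv {
	display: block;
	border: /1px grey solid;
	}

--></style>
		<!-- Start of Page Header -->
		
	<?php include("include/admin_header.php"); ?>


		<!-- End of Page Header -->
	<?php include("include/admin_menu.php"); ?>

<?php
// Normalise the two category filters. A missing parameter or a non-string
// value (e.g. an array from ?sub1[]=x) is treated as "no filter".
$filterSub1 = (isset($_GET['sub1']) && is_string($_GET['sub1'])) ? $_GET['sub1'] : '';
$filterSub2 = (isset($_GET['sub2']) && is_string($_GET['sub2'])) ? $_GET['sub2'] : '';

// Request parameters are untrusted: escape them before they are placed inside
// quoted SQL literals. The raw values are still passed on for building links.
$sqlSub1 = mysql_real_escape_string($filterSub1);
$sqlSub2 = mysql_real_escape_string($filterSub2);

echo "<div id='main_content'>";
	echo "<div id='super_main_content'>";
		echo "<h2>Productoverzicht</h2>";

		$textQuery = mysql_query("SELECT `omschrijving` FROM `PAGINAOMSCHRIJVING` WHERE `naam_pagina` = 'productoverzicht.php'");
		if(!$textQuery) {
			die("Query failed. Please try again later.");
		}
		// NOTE(review): printed without escaping; presumably this is HTML
		// authored in the admin area - confirm who can write this column.
		$welcomeText = mysql_result($textQuery, 0);
		echo $welcomeText;
		echo "<div id='product_overview'>";
			echo "<table id='product_overview' border=1>";
				if($filterSub1 !== "")
				{
					if($filterSub2 === "")
					{
						// Level 2: the sub2 values below the chosen sub1.
						$res = mysql_query("SELECT DISTINCT `sub2` AS 'category' ".
						                   "FROM `PRODUCT` ".
						                   "WHERE `sub1` = '".$sqlSub1."'");
						if(!$res)
						{
							// Keep database details in the server log, not in the page.
							error_log("Category query failed: ".mysql_error());
							die("Query failed. Please try again later.");
						}
						printCategory2($res, 2, $filterSub1);
					} else
					{
						// Level 3: the sub3 values below the chosen sub1/sub2.
						$res = mysql_query("SELECT DISTINCT `sub3` AS 'category' ".
						                   "FROM `PRODUCT` ".
						                   "WHERE `sub1` = '".$sqlSub1."' ".
						                   "AND `sub2` = '".$sqlSub2."'");
						if(!$res)
						{
							error_log("Category query failed: ".mysql_error());
							die("Query failed. Please try again later.");
						}
						$hasRows = mysql_num_rows($res) > 0;
						$firstSub3 = $hasRows ? mysql_result($res, 0) : NULL;
						if($firstSub3 == NULL)
						{
							// No third level: go to the product list. Output has
							// already started here, so this only works while the
							// response is still buffered; otherwise fall through
							// and render the (empty) list as before.
							if(!headers_sent())
							{
								header("Location: product.php?sub1=".urlencode($filterSub1)."&sub2=".urlencode($filterSub2));
								exit;
							}
						}
						if($hasRows)
						{
							// mysql_result() moves the result cursor past row 0;
							// rewind so the first category is listed as well.
							mysql_data_seek($res, 0);
						}
						printCategory2($res, 3, $filterSub1, $filterSub2);
					}
				} else
				{
					// Level 1: all top-level categories.
					$res = mysql_query("SELECT DISTINCT `sub1` AS 'category' FROM `PRODUCT` ORDER BY `category`");
					if(!$res)
					{
						error_log("Category query failed: ".mysql_error());
						die("Query failed. Please try again later.");
					}
					printCategory2($res, 1);
				}
}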
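					/**
					 * Prints one table row with a link per category in $res, then
					 * closes the table and the surrounding divs and includes the
					 * admin footer. Because it also finishes the page it must be
					 * called exactly once per request.
					 *
					 * @param resource $res   mysql result with a `category` column
					 * @param int      $iSub  category level being listed (1, 2 or 3)
					 * @param string   $sub1  selected level-1 category (levels 2 and 3)
					 * @param string   $sub2  selected level-2 category (level 3)
					 * @param string   $sub3  unused by callers; overwritten at level 3
					 */
					function printCategory2($res, $iSub, $sub1 = '', $sub2 = '', $sub3 = '') {
						// ENT_SUBSTITUTE (PHP 5.4+) keeps a label visible when it
						// holds bytes that are invalid in PHP's default charset.
						$escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

						while($row = mysql_fetch_assoc($res)){
							// Category names come from the database and $sub1/$sub2 may
							// come from the request, so all of them are untrusted here:
							// urlencode() them in query strings, escape them for HTML,
							// and escape them again before reuse in SQL.
							$label = htmlspecialchars($row['category'], $escFlags);
							$href = '';
							$htCategory = '';
							switch($iSub) {
								case 1:
									$sub1 = $row['category'];
									$href = "?sub1=".urlencode($sub1)."&sub2=".urlencode($sub2);
									$catQuery = mysql_query("SELECT `sub2` FROM `PRODUCT` WHERE `sub1` = '".mysql_real_escape_string($sub1)."'");
									if(!$catQuery) {
										error_log("Category query failed: ".mysql_error());
										die("Query failed.");
									}
									// No second level below this category: link to the products.
									if(mysql_result($catQuery, 0) == NULL) {
										$href = "product.php?sub1=".urlencode($sub1);
									}
								break;
								case 2:
									$sub2 = $row['category'];
									$href = "?sub1=".urlencode($sub1)."&sub2=".urlencode($sub2);
									// NOTE(review): this lookup filters on sub2 only, not on
									// sub1 as well - confirm that is intended.
									$catQuery = mysql_query("SELECT `sub3` FROM `PRODUCT` WHERE `sub2` = '".mysql_real_escape_string($sub2)."'");
									if(!$catQuery) {
										error_log("Category query failed: ".mysql_error());
										die("Query failed.");
									}
									// No third level below this category: link to the products.
									if(mysql_result($catQuery, 0) == NULL) {
										$href = "product.php?sub1=".urlencode($sub1)."&sub2=".urlencode($sub2);
									}
								break;
								case 3:
									$sub3 = $row['category'];
									$href = "product.php?sub1=".urlencode($sub1)."&sub2=".urlencode($sub2)."&sub3=".urlencode($sub3);
								break;
							}
							if($href !== '') {
								$htCategory = "<a href='".htmlspecialchars($href, $escFlags)."'>".$label."</a>";
							}
							echo "<tr>";
							echo "<td>";
							echo $htCategory;
							echo "</td>";
							echo "</tr>";
						}
						// Close the markup opened by the caller and finish the page.
						echo "</table>";
						echo "</div>";
						echo "</div>";

						echo "</div>";
						echo "<div class='clearthis'></div>";
						include("include/admin_footer.php");
					}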
?>
